Research & Insights

Expert insights from our data scientists, security researchers, and engineers to support your learning.

Expert insights on emerging threats and defenses

Get AI insights for smarter threat detection

Threat bulletins and briefings for proactive defense

Join our security researchers, data scientists, and analysts as we share 11+ years of security-AI research and expertise with the global cybersecurity community.

See the Vectra AI Platform in action.

See how integrated signal from Vectra AI lets you see and stop sophisticated attacks other technologies miss.

Take the interactive tour

Resources

Breaking news and expert insights

Blue Team Workshops, on-demand webinars and global events near you

Join our security researchers, data scientists, and analysts as we share 11+ years of security-AI research and expertise with the global cybersecurity community.

Research reports, attack anatomies, white papers, guides, datasheets and customer stories

Demo Videos & Tours

See the Vectra AI Platform in action.

See how integrated signal from Vectra AI lets you see and stop sophisticated attacks other technologies miss.

Take the interactive tour

Company

See why we’re the world leader in AI security

Request an intro with a Vectra AI security expert

Deployment guides, knowledge base, release notes and security announcements

Join the team behind the world’s first AI-based cybersecurity platform

Breaking news from Vectra AI

Expert insight from security researchers, data scientists and engineers

Beyond Configuration Perfection: Redefining ‘Cloud Security’

Fixing misconfigurations isn’t enough. Over-focusing on perfection can create blind spots. Discover a smarter, holistic approach to cloud security.

Pryx

Pryx is a new ransomware group that has recently emerged, claiming responsibility for significant cyber attacks on educational institutions.

The origin of Pryx

Pryx has targeted Rowan College at Burlington County (RCBC.edu) and Rowan College, compromising their systems and stealing sensitive data. The group has announced the theft of 30,000 university applications, including a wide range of personal and academic information.

^Source:^GBhackers

Countries targeted by Pryx

So far, Pryx ransomware has targeted victims primarily in the US, but it is still too early to determine whether they will confine their attacks to the US alone.

Industries targeted by Pryx

Pryx's first significant attack was against this educational institution, indicating a focus on targeting universities and colleges.

Pryx's victims

On July 3^rd, Pryx compromised the systems of Rowan College at Burlington County, leading to the theft of 30,000 university applications.

Attack Method

A shadowy figure casting a wide net over a digital landscape filled with various devices such as computers, smartphones, and tablets. The net symbolizes the attacker's attempts to find vulnerabilities or use phishing techniques to gain unauthorized access.

A digital ladder extending upwards from a basic user icon towards a crown symbolizing administrative privileges. This represents the attacker's efforts to gain higher-level access within the system.

A chameleon blending into a digital background, with zeroes and ones flowing around it. This represents the attacker's ability to avoid detection by security measures, changing tactics to blend in with normal network traffic.

A thief with a lockpick toolkit working on a giant keyhole shaped like a login form, representing the attacker's efforts to steal user credentials to gain unauthorized access.

A magnifying glass moving over a digital map of a network, highlighting files, folders, and network connections. This image represents the phase where attackers explore the environment to understand the structure and where valuable data resides.

A series of interconnected nodes with a shadowy figure moving stealthily between them. This illustrates the attacker's movements within the network, seeking to gain control of additional systems or spread malware.

A large vacuum sucking up files, data icons, and folders into a bag held by a shadowy figure. This image symbolizes the process of gathering valuable data from the target network.

A command prompt window open in front of a digital background, with malicious code being typed out. This represents the phase where attackers execute their malicious payload within the compromised system.

A series of files being funneled through a covert channel out of a computer to a cloud labeled with a skull, symbolizing the unauthorized transfer of data to a location controlled by the attacker.

A cracked screen with a digital cityscape in chaos behind it, symbolizing the destructive impact of the cyberattack, such as service disruption, data destruction, or financial loss.

Initial Access

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Execution

Exfiltration

Impact

MITRE ATT&CK Mapping

TTPs used by Pryx

TA0001: Initial Access

T1566

Phishing

T1078

Valid Accounts

TA0002: Execution

No items found.

TA0003: Persistence

T1078

Valid Accounts

TA0004: Privilege Escalation

T1078

Valid Accounts

TA0005: Defense Evasion

T1078

Valid Accounts

TA0006: Credential Access

No items found.

TA0007: Discovery

No items found.

TA0008: Lateral Movement

No items found.

TA0009: Collection

No items found.

TA0011: Command and Control

No items found.

TA0010: Exfiltration

No items found.

TA0040: Impact

T1486

Data Encrypted for Impact

Platform Detections

How to Detect Pryx with Vectra AI

List of the Detections available in the Vectra AI Platform that would indicate a ransomware attack.

Pryx

The origin of Pryx

Countries targeted by Pryx

Industries targeted by Pryx

Pryx's victims

TTPs used by Pryx

How to Detect Pryx with Vectra AI

AWS Ransomware S3 Activity

M365 Ransomware

Ransomware File Activity

FAQs

Is Your Organization Safe from Pryx Ransomware Attacks?